Spammers on avast forum!

system · 2006-10-13T03:54:52.000Z

I’m sorry about that it didn’t show that way in my email and I just cut and pasted >:(

Lisandro · 2006-10-13T03:57:22.000Z

GHammer post:42:

I see at the bottom of each page here that the forum is on v1.0.1 of the forum software.
The current release is v1.0.8 it is a critical update.

Well… this was discussed before… and security was not one of the ‘necessary’ changes…
Maybe they did not give speciall attention to the changes.
I can’t find anything here: http://www.simplemachines.org/about/features.php (SMF 1.1 - forum software feature list).
What did really change from 1.0.1 to 1.0.8 ???

system · 2006-10-13T03:59:11.000Z

Site Admin, at least kill the reported accounts that are send this crap out.
I’d take a close look at the logs and at least do a temporary netblock ban on them until you get things straightened out.

system · 2006-10-13T04:01:51.000Z

thebeachbum33 post:46:

I’m sorry about that it didn’t show that way in my email and I just cut and pasted >:(

At least edit/modify your post.

system · 2006-10-13T04:12:30.000Z

The Hammer post:49:

thebeachbum33 post:46:

I’m sorry about that it didn’t show that way in my email and I just cut and pasted >:(

At least edit/modify your post.

Done didn’t realize I could :

szc · 2006-10-13T04:43:02.000Z

thebeachbum33 post:50:

Done didn’t realize I could :

You didn’t do a thing… nothing’s done like you mentioned… all links are still alive inside your reply here:

http://forum.avast.com/index.php?topic=24177.msg198646#msg198646

system · 2006-10-13T04:45:57.000Z

well this sucks…

system · 2006-10-13T05:38:14.000Z

Sucks big time, just got mine today. Too bad forum security isn’t as good as their product.

system · 2006-10-13T06:26:11.000Z

Guys, even mods have to sleep.

So:
a) idiots been banned few minutes ago
b) NO DATABASE HAS BEEN COMPROMISED! They simply walked the list of the users and then sent the PMs to them. No direct mailing to stolen emails. Reg database is stored elsewhere, without direct internet access.
c) All newbies were denied from using the PMs.

Dwarden · 2006-10-13T06:46:28.000Z

i said this in another thread but i repeat here as it’s more “active”

it could help set min number of posts before user get chance to use PM … let say 25 …
of course sending PM to moderators / admin can anyone with 1+ etc.

should help to prevent this to repeat more often

system · 2006-10-13T06:52:17.000Z

Nice to see security is upgraded. Got my spam 4h before it was upgraded :-\ but as Dwarden says to moderators and admins it shouldn’t be that much.

polonus · 2006-10-13T06:55:08.000Z

Hi all,

If we had to upload all our pictures through imageshack or whatever filtered, we could stop this.

polonus

system · 2006-10-13T07:42:27.000Z

[b]Below is the full spam MSG., including the INTERNET header. My email pgm flagged it as spam. I still scan all, so I knew the links were phony, and nailed it.

Since the Admin has resolved it, I post only as an addition. If anyone actually followed any of the links as the email requested they were foolish or stupid. Why would (In my Mind) the best FREE and PAY Anti-virus Company send out porn links, since reading the message should have been obvious as to it’s intent.

Since I pasted this, you will note I disabled the PIC that would have been visable as a JPG image and only shows a question mark out of respect to others who may not be so amused.

NOTE: If you did follow any of them, you now have a “key logger” on your system, as my own safe investigation revealed. So expect some more fun from the links you may have accessed.[/b]

John Galt

]“Fools, although they hear, are like the deaf: To them the adage applies that when present they are absent.” —Heraclitus

Received: from sm00.avast.com ([70.84.157.228])
by alnrmxc23.comcast.net (alnrmxc23) with ESMTP
id <20061013010700a23005mon8e>; Fri, 13 Oct 2006 01:07:00 +0000
X-Originating-IP: [70.84.157.228]
Received: from sm00.avast.com (sm00.avast.com [127.0.0.1])
by sm00.avast.com (8.12.11.20060308/8.12.11) with ESMTP id k9D16v0Q007370
for john_galt@comcast.net; Fri, 13 Oct 2006 03:06:57 +0200
Received: (from apache@localhost)
by sm00.avast.com (8.12.11.20060308/8.12.11/Submit) id k9D16vj0007368;
Fri, 13 Oct 2006 03:06:57 +0200
Message-Id: 200610130106.k9D16vj0007368@sm00.avast.com
To: john_galt@comcast.net
Subject: New Personal Message: URGENT MESSAGE FROM ADMIN!!!
From: “avast!WEBforum” webadmin@asw.cz
Date: Fri, 13 Oct 2006 01:06:50 +0000
Content-Type: text/plain; charset=ISO-8859-1

You have just been sent a personal message by EdwardN on avast!WEBforum.

IMPORTANT: Remember, this is just a notification. Please do not reply to this email.

The message they sent you was:

If you have some time check out this COOL pic:
http://pix2.hotornot.com/pics/HU/KM/KY/KU/A8SRRZBAVPSL.jpg
Also, check out the following website I came across:
http://www.asian-man.com/asianmannew/main.htm
It will knock your socks off!
Next, the below website is thrilling!!!
http://www.aznlover.com
Finally, the following website is the absolute BOMB!!!
http://www.amyandbilly.com
ENJOY!!!

MY PIC: http://pix2.hotornot.com/pics/HU/KM/KY/KU/A8SRREEKAJPC.jxxxpg

http://pix2.hotornot.com/pics/HU/KM/KY/KU/A8SRREEKAJPC.xxxjpg

Reply to this Personal Message here: http://forum.avast.com/index.php?action=pm;sa=send;f=inbox;pmsg=29362;quote;u=25369

system · 2006-10-13T07:54:44.000Z

.: Mac :. post:3:

EdwardN got me too. I agree with Tech that we need a rule to stop PMs for members with less than 10 or so posts

Edit: Beatme101 Tech is a VERY respected member of this forum Im sure he had a good reason for including your name (mabye it was by mistake?)

you find a lot of members post more then 10x in a week better if it was like a 100 post count then enable it for the members to PM other.

but i really think some low lifer found a hole in the forum scrip and use the PM option to spam a lot of member at once.

system · 2006-10-13T09:11:57.000Z

I have just received the same spam e-mail. It was obvious that it was spam, so I just deleted it. It does not affect my confidence in avast! in any way - I still think it is an excellent piece of software with first class support.

regards,
dafydd

system · 2006-10-13T09:29:50.000Z

Received this from the spammer in personal mail.

igor0 · 2006-10-13T09:34:41.000Z

There’s really no need to post any further messages here - it actually only spreads the spamming.
The official response is here.

system · 2006-10-13T09:41:47.000Z

Understood!
However I was only indicating, that I did not get that message in email, but rather from the personal messages on this forum, as obviously he logged back in at the time indicated in the message, and wanted to make someone aware, since I could not send a personal message to the Admin. I was not aware it came in PM as well as to my normal email address. My apologies.

system · 2006-10-13T09:42:57.000Z

I must apologize.
After pulling my complete email records I see I did use the spammed address for a forum account.
Thankfully the Reg data base is stored separately, though that’s little relief to forum participants that were spammed or even worse have been compromised with malware.
I would think best practice would be to make member list function unavailable for general parsing.

system · 2006-10-13T10:42:23.000Z

Just to let the mods know i also go one of these pm’s today, will just delete it, it’s a shame that some idiot can cause so much trouble.

Also got the email.

It was from a EdwardN & it the image links have been edited as shown in the image on a post on this page.

Best wishes to the admins in fightin this.

BaNzI ;D

Announcements